Cloudflare Docs
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Require WARP

Feature availability
Operating SystemsWARP mode requiredZero Trust plans
All systemsWARP with GatewayAll plans

Cloudflare Zero Trust enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user’s traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare Zero Trust.

The process involves two steps:

  1. Setting up Require WARP as a device posture check.
  2. Adding the check to new or existing Access policies to enforce the check for one or more of your applications.

Set up a device posture check

  1. On your Zero Trust dashboard, navigate to My Team > Devices > Device Posture.

    Device Posture

  2. Select WARP.

  3. Click Save.

You are now ready to start requiring WARP for your Access applications.

Add the check to a Zero Trust policy

  1. On the Zero Trust dashboard, navigate to Access > Applications.

  2. Locate the application for which you want to require WARP.

  3. Click Edit.

  4. To have an existing policy require WARP, click Edit for that specific policy. Then, add an Include or Require rule with the option WARP selected.

  5. Click Save rule.

Before granting access to the application, your policy will now check that the user is running the WARP client on their machine.